Hi folks,
I'm installing an environment where I had two Zope/Plone servers:
I want to implement SSO around both servers but I don't know how to do it. I try to modify login_next and setAuthCookie(..) to share the __ac cookie in the domain, but didn't work.
Anyone know the best way to achieve it!
Thanks in advance, Oscar Sánchez.
If both sites are on the same domain (but different subdomain), you can try to set the cookie on ".domain.tld". But I'm not sure if that will work - sending the original credentials as cookies is highly insecure, a session should be used in stead, and you can't share this session between two different instances.
Have you considered something like openid, possibly with your own private OpenID provider? That basically implements simple SSO out of the box.
Hi folks,
Problem with the SSO using cookies are the two versions of Zope are different. Now I'm using the same version and this trick "works fine", until we will update all environment to another solution.
Thanks in advance, Oscar.